From 873244e795356d77426cbff4224f7b8a55a6835f Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 8 Dec 2015 16:42:51 +0100
Subject: [PATCH] - added letsencrypt arguments to exec call to avoid need of ini file - added cron for letsencrypt renewal
---
 .../classes/cron.d/900-letsencrypt.inc.php | 48 +++++++++++++++++++
 .../plugins-available/apache2_plugin.inc.php | 6 ++-
 server/plugins-available/nginx_plugin.inc.php | 6 ++-
 3 files changed, 56 insertions(+), 4 deletions(-)
 create mode 100644 server/lib/classes/cron.d/900-letsencrypt.inc.php
diff --git a/server/lib/classes/cron.d/900-letsencrypt.inc.php b/server/lib/classes/cron.d/900-letsencrypt.inc.php
new file mode 100644
index 0000000000..4ee72bd92d
--- /dev/null
+++ b/server/lib/classes/cron.d/900-letsencrypt.inc.php
@@ -0,0 +1,48 @@
+<?php
+
+/*
+Copyright (c) 2013, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class cronjob_letsencrypt extends cronjob {
+
+ // job schedule
+ protected $_schedule = '0 3 * * *';
+
+ public function onRunJob() {
+ global $app, $conf;
+
+ if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt-renewer")) {
+ exec('/root/.local/share/letsencrypt/bin/letsencrypt-renewer');
+ }
+
+ parent::onRunJob();
+ }
+
+}
+
+?>
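Review bot: The `exec()` call in `onRunJob()` discards both the output and the exit status of `letsencrypt-renewer`, so a failed renewal leaves no trace until a certificate actually expires. Capture them and log a non-zero status, e.g. `exec('/root/.local/share/letsencrypt/bin/letsencrypt-renewer 2>&1', $output, $retval);` followed by `if($retval !== 0) $app->log('letsencrypt-renewer failed: ' . implode("\n", $output), LOGLEVEL_WARN);`, which would also give the otherwise unused `global $app` a purpose. `is_executable()` would be a tighter guard than `file_exists()` for a path that is about to be executed.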
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 4e26c546bb..6daa5429a3 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -1144,8 +1144,10 @@ class apache2_plugin {
 $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
 $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
 $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
-
- $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot");
+
+ if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator=webroot --server=https://acme-v01.api.letsencrypt.org/directory --rsa-key-size=4096 --webroot-path --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
+ }
 };

 //* check is been correctly created
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 9c688d208e..fbbf6c0a3f 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
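Review bot: `$domain` and `$lddomain` are still interpolated unescaped into the command string passed to `$this->_exec()`, while only `$webroot` gained `escapeshellarg()`. The binary lives under /root, so this presumably runs with root privileges, and any shell metacharacter that slips past domain validation (not visible in this hunk) would be interpreted by the shell. The e-mail argument can be quoted the same way, `--email " . escapeshellarg("postmaster@$domain") . "`, and `$lddomain` needs each name escaped where the list is assembled, which is outside the hunk. The new string also carries a bare `--webroot-path` directly before `--email`, which looks like a leftover that leaves the option without a value; drop it so only the trailing `--webroot-path " . escapeshellarg($webroot)` remains. The identical line is added to nginx_plugin.inc.php in the following hunk, and the enclosing method starts and ends outside both hunks.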
@@ -1181,8 +1181,10 @@ class nginx_plugin {
 $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
 $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
 $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
-
- $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot");
+
+ if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator=webroot --server=https://acme-v01.api.letsencrypt.org/directory --rsa-key-size=4096 --webroot-path --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
+ }
 };

 //* check is been correctly created
--
GitLab